Andy Smith <a...@strugglers.net> writes: > Ansible can be very simple and quick to learn and everything you've > mentioned in your post can easily be done with it.
Thanks, I'd heard of Ansible before and I tried it and cdist and decided to do this with Ansible. Mostly because I couldn't get anywhere with cdist. Ansible is a little whiny and frustrating so I did some things like editing a config file in an ssh loop since Ansible didn't run my perfectly fine sed thingy. So anyways, my various firewall configs are in place; the ability to include a directory from nftables turned out to be the solution for different firewall configs on different machines.